aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
...
* odhcpd: bump to latest versionNick Hainke2021-01-041-3/+3
| | | | | | 3bda900 odhcpd: add option for setting preferred lifetime Signed-off-by: Nick Hainke <vincent@systemli.org>
* hostapd: add support for custom per-BSS optionsFlorian Beverborg2021-01-032-1/+8
| | | | | | | | | | | | This adds an option "hostapd_bss_options" that does the same as "hostapd_options" but on a per-BSS level, instead of a per-device level. This can be used, for example, to configure different per-devce sae_passwords per BSS or to augment some of the existing per-BSS options. Signed-off-by: Florian Beverborg <flo@beverb.org> [remove whitespace errors, bump release] Signed-off-by: Paul Spooren <mail@aparcar.org>
* ppp: Remove already applied patchHauke Mehrtens2021-01-012-14/+1
| | | | | | | This patch was already applied upstream and not needed here. Fixes: 06403981e1f2 ("ppp: update to version 2.4.7.git-2019-05-06") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: update to 5.10.0Russell Senior2021-01-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | c8faeca5 (ss: mptcp: fix add_addr_accepted stat print, 2020-11-18) 0d78e8ea (tc: pedit: fix memory leak in print_pedit, 2020-12-11) ec1346ac (devlink: fix memory leak in cmd_dev_flash(), 2020-12-11) 309e6027 (man: tc-flower: fix manpage, 2020-12-11) 376367d9 (uapi: merge in change to bpf.h, 2020-12-14) 2e80ae89 (Merge branch 'gcc-10' into main, 2020-12-03) 755b1c58 (tc/mqprio: json-ify output, 2020-12-02) 975c4944 (ip/netns: use flock when setting up /run/netns, 2020-11-27) fb054cb3 (uapi: update devlink.h, 2020-11-29) c95d63e4 (uapi: update devlink.h, 2020-11-29) cae2e929 (f_u32: fix compiler gcc-10 compiler warning, 2020-11-29) c0149839 (misc: fix compiler warning in ifstat and nstat, 2020-11-29) 2319db90 (tc: fix compiler warnings in ip6 pedit, 2020-11-29) 5bdc4e91 (bridge: fix string length warning, 2020-11-29) f8176999 (devlink: fix uninitialized warning, 2020-11-29) 7a49ff9d (bridge: report correct version, 2020-11-15) 8682f588 (tc-mpls: fix manpage example and help message string, 2020-11-02) 7c7a0fe0 (tc-vlan: fix help and error message strings, 2020-11-02) 72f88bd4 (uapi: update kernel headers from 5.10-rc2, 2020-11-08) b90c39be (rdma: fix spelling error in comment, 2020-11-08) c8424b73 (man: fix spelling errors, 2020-11-08) cbf64817 (tc/m_gate: fix spelling errors, 2020-11-08) 14b189f0 (uapi: updates from 5.10-rc1, 2020-11-03) 9fc5bf73 (libnetlink: define __aligned conditionally, 2020-10-26) eb12cc9a (Merge branch 'main' into next, 2020-10-25) f1298d76 (m_mpls: test the 'mac_push' action after 'modify', 2020-10-22) 2b7a7684 (Merge branch 'tipc-encryption' into next, 2020-10-20) 2bf1ba5a (tipc: add option to set rekeying for encryption, 2020-10-16) 5fb36818 (tipc: add option to set master key for encryption, 2020-10-16) b4edd6a8 (Merge branch 'tc-mpls-l2-vpn' into next Guillaume Nault says:, 2020-10-20) 02a261b5 (m_mpls: add mac_push action, 2020-10-19) d61167dd (m_vlan: add pop_eth and push_eth actions, 2020-10-19) 3342688a (devlink: display elapsed time during flash update, 2020-10-14) cb7ce51c (v5.9.0, 2020-10-15) b5a583fb (Merge branch 'main' into next Signed-off-by: David Ahern <dsahern@gmail.com>, 2020-10-11) 78120128 (genl: ctrl: print op -> policy idx mapping, 2020-10-03) 91c54917 (Merge branch 'bridge-igmpv3-mldv2' into next Nikolay Aleksandrov says:, 2020-10-11) 86588450 (bridge: mdb: print protocol when available, 2020-10-08) 2de81d1e (bridge: mdb: print source list when available, 2020-10-08) 1d28c480 (bridge: mdb: print filter mode when available, 2020-10-08) e331677e (bridge: mdb: show igmpv3/mldv2 flags, 2020-10-08) f94e8b07 (bridge: mdb: print fast_leave flag, 2020-10-08) 547b3197 (bridge: mdb: add support for source address, 2020-10-08) f905191a (Update kernel headers, 2020-10-11) 4322b13c (ip xfrm: support setting XFRMA_SET_MARK_MASK attribute in states, 2020-10-02) 8dc1db80 (devlink: Add health reporter test command support, 2020-10-01) 01216471 (devlink: support setting the overwrite mask attribute, 2020-09-30) 34be2d26 (Update kernel headers, 2020-10-07) d2be31d9 (ss: add support for xdp statistics, 2020-09-24) f481515c (Update kernel headers, 2020-09-29) b8663da0 (ip: promote missed packets to the -s row, 2020-09-16) cec67df9 (Merge branch 'devlink-controller-external-info' into next Parav Pandit says:, 2020-09-22) 748cbad3 (devlink: Show controller number of a devlink port, 2020-09-18) 8fadd011 (devlink: Show external port attribute, 2020-09-18) 454429e8 (Update kernel headers, 2020-09-22) ad34d5fa (iproute2: ss: add support to expose various inet sockopts, 2020-08-19) c8eb4b52 (Update kernel headers, 2020-09-08) abee772f (tipc: support 128bit node identity for peer removing, 2020-08-27) 6fd53b2a (iplink: add support for protodown reason, 2020-08-28) af27494d (ip xfrm: support printing XFRMA_SET_MARK_MASK attribute in states, 2020-08-28) 275eed9b (Merge branch 'main' into next, 2020-09-01) cc889b82 (genl: ctrl: support dumping netlink policy, 2020-08-24) d5acae24 (libnetlink: add nl_print_policy() helper, 2020-08-24) 784fa9f6 (libnetlink: add rtattr_for_each_nested() iteration macro, 2020-08-24) OpenWrt patches unchanged. Successfully built for ramips/mt7621 and x86/geode with: CONFIG_PACKAGE_devlink=m CONFIG_PACKAGE_genl=m CONFIG_PACKAGE_ip-bridge=m CONFIG_PACKAGE_ip-full=m CONFIG_PACKAGE_ip-tiny=m CONFIG_PACKAGE_nstat=m CONFIG_PACKAGE_rdma=m CONFIG_PACKAGE_ss=m CONFIG_PACKAGE_tc=m Minimally run-tested ip-tiny on ramips/mt7621 (ubnt-erx). Signed-off-by: Russell Senior <russell@personaltelco.net>
* hostapd: do not restart hostapd instance on wireless restartsFelix Fietkau2020-12-311-1/+1
| | | | | | Add the flag that prevents netifd from killing hostapd/wpa_supplicant Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionFelix Fietkau2020-12-311-3/+3
| | | | | | 39fb8c3edc74 wireless: add support for not killing processes on teardown Signed-off-by: Felix Fietkau <nbd@nbd.name>
* vxlan: allow for dynamic source ip selection (FS#3426)Johannes Kimmel2020-12-312-25/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By setting 'auto', the zero address or the empty string as source address (option ipaddr, option ip6addr), vxlan will choose one dynamically. This helps in setups where a wan ip or prefix changes. This corresponse to setting up an vxlan tunnel with: proto vxlan6: # ip link add vx0 type vxlan id ID local :: ... proto vxlan: # ip link add vx0 type vxlan id ID local 0.0.0.0 ... While it is possible to not specify a source ip at all, the kernel will default to setting up a ipv4 tunnel. The kernel will take any hint from source and peer ips to figure out, what tunnel type to use. To make sure we setup an ipv6 tunnel for proto vxlan6, this workaround is needed. This will not change the behaviour of currently working configurations. However this will allow former broken configurations, namely those not specifying both a source address and tunnel interface, to setup a tunnel interface. Previously those configurations weren't reporting an error and were stueck in a setup loop like in Bug FS#3426. This change lifts the currently very strict behaviour and should fix the following bug: Fixes: FS#3426 Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426 Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
* odhcp6c: update to git HEADHans Dedecker2020-12-301-3/+3
| | | | | | | eac1961 dhcpv6: fix displaying IA info 0475e18 dhcpv6: display status code as a string Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ethtool: update to version 5.10Hans Dedecker2020-12-261-2/+2
| | | | | | | | The ipkg sizes changes as follows for mips 24kc : 5.9 : ethtool_5.9-1_mips_24kc.ipk 35246 5.10 : ethtool_5.10-1_mips_24kc.ipk 35385 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to latest git HEADHans Dedecker2020-12-241-3/+3
| | | | | | | | b75bcad dhcpv6-ia: remove assignment equal to 0 checks d1ae052 dhcpv6-ia: fix logic to include IA_PD prefix with lifetimes set to 0 9d5e379 dhcpv6-ia: fix prefix delegation behavior Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* treewide: nuke DRIVER_11W_SUPPORTDobroslaw Kijowski2020-12-233-11/+1
| | | | | | | | | | | | | | As of hostapd upstream commit 7d2ed8ba "Remove CONFIG_IEEE80211W build parameter" https://w1.fi/cgit/hostap/commit?id=7d2ed8bae86a31dd2df45c24b3f7281d55315482 802.11w feature is always enabled in the build time. It doesn't make sense to opt-in 802.11w per driver as hostapd will always be compiled with this feature enabled. As suggested by Hauke Mehrtens, for now keep 11w enabled in build_features.h for compatibility reasons. This option will be dropped when LuCI is adjusted. Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
* netifd: update to the latest versionFelix Fietkau2020-12-231-3/+3
| | | | | | 88c6003e2b4f netifd: fix a typo in vlandev hotplug support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: pass respawn settings when registering the serviceJohn Crispin2020-12-221-2/+2
| | | | | | | | When hostapd gets restarted to often/quickly will cause procd to not restart it anymore. it will think that hapd is in a crash loop. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name> [adjust respawn time]
* hostapd: Use EAPOLv1 (802.1X-2001) if WPA enabledNick Lowe2020-12-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, EAPOLv2 (802.1X-2004) is used by default for legacy clients that are not WPA2 (RSN) capable. These legacy clients are often intolerant to this EAPOL version and fail to connect. hostapd.conf upstream documents for eapol_version the following and that this is a known compatibility issue with version 2: // IEEE 802.1X/EAPOL version // hostapd is implemented based on IEEE Std 802.1X-2004 which defines EAPOL // version 2. However, there are many client implementations that do not handle // the new version number correctly (they seem to drop the frames completely). // In order to make hostapd interoperate with these clients, the version number // can be set to the older version (1) with this configuration value. // Note: When using MACsec, eapol_version shall be set to 3, which is // defined in IEEE Std 802.1X-2010. //eapol_version=2 For the wpa parameter, hostapd.conf upstream documents that this is a bitfield, configured as follows: // Enable WPA. Setting this variable configures the AP to require WPA (either // WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either // wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK. // Instead of wpa_psk / wpa_passphrase, wpa_psk_radius might suffice. // For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys), // RADIUS authentication server must be configured, and WPA-EAP must be included // in wpa_key_mgmt. // This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0) // and/or WPA2 (full IEEE 802.11i/RSN): // bit0 = WPA // bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled) // Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2. // In other words, for WPA3, wpa=2 is used the configuration (and // wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK). //wpa=2 For client compatibility therefore: EAPOLv1 (802.1X-2001) should be used by default where WPA is enabled. EAPOLv2 (802.1X-2004) should be used by default where WPA is disabled. To fix this, we can therefore change in the script: set_default eapol_version 0 To the following: set_default eapol_version $((wpa & 1)) This therefore: 1) Sets eapol_version to 1 where WPA has been enabled via wpa bit0 being set. 2) Sets eapol_version to 0 where WPA has been disabled via wpa bit0 being unset. For usual configurations that only have WPA2 enabled, EAPOLv2 is then used. Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
* tcpdump: fix pcap-config issuesRosen Penev2020-12-222-115/+4
| | | | | | | | | | | | | | The patch removes a libpcap check to avoid a problem with libpcap. Fix libpcap instead. Modernize Makefile: Use a normal autoconf bool instead of checking for CONFIG_IPV6. Remove old configure and MAKE_FLAGS hacks. Removing them results in compilation continuing to work without a problem. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* hostapd: parse skip_inactivity_poll optionNadim Atiya2020-12-222-3/+5
| | | | | | | | | | | | hostapd.sh does not parse skip_inactivity_poll boolean from /etc/config/wireless despite being mentioned in the documentation [1]. This change fixes this, and by default sets its value to 0 [1]. [1] https://openwrt.org/docs/guide-user/network/wifi/basic Signed-off-by: Nadim Atiya <nadim.atiya@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> [fix and reformat commit message, make patch apply]
* uhttpd: don't redirect to HTTPS by defaultPetr Štetiar2020-12-201-1/+1
| | | | | | | | | | | | | | | | | | | So we can ship px5g-wolfssl by default in the release image, but still make the HTTPS for LuCI optional. This small change with addition of `CONFIG_PACKAGE_px5g-wolfssl=y` into the buildbot's seed config for the next release should provide optional HTTPS in the next release. Disabling the current default automatic uhttpd's redirect to HTTPS should make the HTTPS optional. That's it, user would either need to switch to HTTPS by manually switching to https:// protocol in the URL or by issuing the following commands to make the HTTPS automatic redirect permanent: $ uci set uhttpd.main.redirect_https=1 $ uci commit uhttpd $ service uhttpd reload Signed-off-by: Petr Štetiar <ynezz@true.cz>
* netifd: update to latest versionNick Hainke2020-12-141-3/+3
| | | | | | 458b1a7e9473 netifd: add segment routing support Signed-off-by: Nick Hainke <vincent@systemli.org>
* odhcpd: remove local mkdir_p implementationDaniel Golle2020-12-131-3/+3
| | | | | | | Replace local mkdir_p implementation in favour of using mkdir_p now added to libubox. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* xfrm: support 'multicast' attribute on interfacesPhilip Prindeville2020-12-112-3/+6
| | | | | | | | | | | | | | You shouldn't need the overhead of GRE just to add multicast capability on a point-to-point interface (for instance, you might want to run mDNS over IPsec transport connections, and Avahi requires IFF_MULTICAST be set on interfaces, even point-to-point ones). Borrowed heavily from: b3c9321b9e gre: Support multicast configurable gre interfaces Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* dropbear: bump package versionKonstantin Demin2020-12-111-1/+1
| | | | | | | | Bump package version after previous changes. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> [added missing commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* dropbear: add ssh-askpass support in configurationKonstantin Demin2020-12-112-1/+12
| | | | | | | | | | binary size cost is much less than 1k. tested on ath79/generic: bin: 215128 -> 215132 (+4b) ipk: 111183 -> 111494 (+311b) Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: roll up recipes into mapping listsKonstantin Demin2020-12-111-24/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this commit removes manual recipes for options and introduces mapping lists: - DB_OPT_COMMON holds option mappings which are common for all builds; - DB_OPT_CONFIG holds option mappings which are depend on config settings. DB_OPT_COMMON is space-separated list of 'words', each of them is in format: 'header_option|value' 'header_option' is added with value 'value' to 'localoptions.h'. if 'header_option' is preceded by two exclamation marks ('!!') then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'. in short: option|value - add option to localoptions.h !!option|value - replace option in sysoptions.h DB_OPT_CONFIG is space-separated list of 'words', each of them is in format: 'header_option|config_variable|value_enabled|value_disabled' 'header_option' is handled likewise in DB_OPT_COMMON. if 'config_variable' is enabled (technically: not disabled) then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise. in short: option|config|enabled|disabled = add option to localoptions.h !!option|config|enabled|disabled = replace option in sysoptions.h option := (config) ? enabled : disabled If you're not sure that option's value doesn't have '|' within - add your recipe manually right after '$(Build/Configure/dropbear_headers)' and write some words about your decision. PS about two exclamation marks: early idea was to use one exclamation mark to denote such header options but then i thought single exclamation mark may be overlooked by mistake. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: rework recipes that configure buildKonstantin Demin2020-12-111-22/+17
| | | | | | | | - add two helper functions to avoid mistakes with choice of correct header file to work with - update rules accordingly Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: reorder options in Configure recipeKonstantin Demin2020-12-111-11/+11
| | | | | | | put static options at first place, then place configurable options. also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: enable back DROPBEAR_USE_PASSWORD_ENVKonstantin Demin2020-12-111-2/+1
| | | | | | | | | | | | | this option was disabled in 2011 and these long nine years showed us that change was definitely wrong. binary size cost is much less than 1k. tested on ath79/generic: bin: 215128 -> 215128 (no change) ipk: 111108 -> 111183 (+75b) Fixes: 3c801b3dc0359 ("tune some more options by default to decrease size") Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* iftop: remove packagePaul Spooren2020-12-091-45/+0
| | | | | | | The package has no reason to be in openwrt.git. Move it to packages.git. Signed-off-by: Paul Spooren <mail@aparcar.org> Acked-by: Jo-Philipp Wich <jo@mein.io>
* odhcp6c: update to latest git HEADHans Dedecker2020-12-091-3/+3
| | | | | | | 0ffa3a3 dhcpv6: harden reconfigure logic 3999b6d dhcpv6: rework DHCPv6 message to string implementation Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* lldpd: fix autoreconf failureJo-Philipp Wich2020-12-091-0/+61
| | | | | | | | | | | | | | | | | | | | | The lldpd sources ship a modified local AX_LIB_READLINE M4 macro which conflicts with the official macro shipped by autoconf-archive. Due to the official macro having the same name and a higher serial number, autoconf will prefer including that one instead of the local copy, preventing the substitution of @READLINE_LIBS@ in Makefile.in templates, ultimately leading to the following build failure when linking lldpcli: ...-gcc: error: READLINE_LIBS@: No such file or directory Avoid this problem by renaming the locally shipped macro to not clash with the official implementation anymore. Ref: https://github.com/lldpd/lldpd/pull/423 Acked-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: Disable 802.11b data rates by defaultNick Lowe2020-12-062-2/+2
| | | | | | | | | | | | | | | | | Set legacy_rates to 0 by default to disable 802.11b data rates by default. The time has long come where 802.11b DSSS/CCK data rates should be disabled by default in OpenWRT. Users in need of 802.11b client support can reasonably enable these where they are needed. The balance of equities has significantly, and for a long time, tipped such that dropping backwards compatibility by default with 802.11b devices is appropriate, proportionate and justified. By doing so, management and control traffic is moved by default to a 20 MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data rate. This is significantly more airtime efficient. Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
* openvpn: removeRosen Penev2020-12-0518-1564/+0
| | | | | | | This will be moved to packages. Signed-off-by: Rosen Penev <rosenp@gmail.com> Acked-by: Paul Spooren <mail@aparcar.org>
* openvpn-easy-rsa: removeRosen Penev2020-12-053-92/+0
| | | | | | This will be moved to packages. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* odhcp6c: update to git HEADHans Dedecker2020-12-051-3/+3
| | | | | | | | | | faed29a dhcpv6: only refresh timers when reconfigure is valid 9c50975 dhcpv6: fix printing identity association id a7b2221 dhcpv6: avoid sending continuous renew/rebind messages d7afa2b dhcpv6: add extra syslog info traces f5728e4 odhcp6c_find_entry: exclude priority from the list of fields that must match Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to the latest versionFelix Fietkau2020-12-021-3/+3
| | | | | | | | | | | d6bd1047d004 vlandev: dump vlan id in device status e0c838bd06a6 vlandev: support bridge-vlan aliases in the vid config parameter 574dc4a17105 system-dummy: print configured mac address 14f0e8ff928f system-linux: simplify mask check in system_if_apply_settings 524310276f20 system-linux: move device settings handling to device.c 42c48866f1c1 config: parse default mac address from board.json Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umdns: add check for seccomp listJan Pavlinec2020-11-302-2/+2
| | | | | | | | This should fix an issue when user have a router with enabled seccomp and tries to run umdns package which was build with SDK with disabled seccomp support. Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* hostapd: Add cell_density data rates optionNick Lowe2020-11-301-13/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a cell_density option to configure data rates for normal, high and very high cell density wireless deployments. The purpose of using a minimum basic/mandatory data rate that is higher than 6 Mb/s, or 5.5 Mb/s (802.11b compatible), in high cell density environments is to transmit broadcast/multicast data frames using less airtime or to reduce management overheads where significant co-channel interference (CCI) exists and cannot be avoided. Caution: Without careful design and validation, configuration of a too high minimum basic/mandatory data rate can sacrifice connection stability or disrupt the ability to reliably connect and authenticate for little to no capacity benefit. This is because this configuration affects the ability of clients to hear and demodulate management, control and broadcast/multicast data frames. Deployments that have not been specifically designed and validated are usually best suited to use 6, 12 and 24 Mb/s as basic/mandatory data rates. Only usually seek to configure a 12 Mb/s, or 11 Mb/s (802.11b compatible), minimum basic/mandatory rate in high cell density deployments that have been designed and validated for this. For many deployments, the minimum basic/mandatory data rate should not be configured above 12 Mb/s to 18 Mb/s, 24 Mb/s or higher. Such a configuration is only appropriate for use in very high cell density deployment scenarios. A cell_density of Very High (3) should only be used where a deployment has a valid use case and has been designed and validated specifically for this use, nearly always with highly directional antennas - an example would be stadium deployments. For example, with a 24 Mb/s OFDM minimum basic/mandatory data rate, approximately a -73 dBm RSSI is required to decode frames. Many clients will not have roamed elsewhere by the time that they experience -73 dBm and, where they do, they frequently may not hear and be able to demodulate beacon, control or broadcast/multicast data frames causing connectivity issues. There is a myth that disabling lower basic/mandatory data rates will improve roaming and avoid sticky clients. For 802.11n, 802.11ac and 802.11ax clients this is not correct as clients will shift to and use lower MCS rates and not to the 802.11b or 802.11g/802.11a rates that are able to be used as basic/mandatory data rates. There is a myth that disabling lower basic/mandatory data rates will ensure that clients only use higher data rates and that better performance is assured. For 802.11n, 802.11ac and 802.11ax clients this is not correct as clients will shift around and use MCS rates and not the 802.11b or 802.11g/802.11a rates that able to be used as basic/mandatory data rates. Cell Density 0 - Disabled (Default) Setting cell_density to 0 does not configure data rates. This is the default. 1 - Normal Cell Density Setting cell_density to 1 configures the basic/mandatory rates to 6, 12 and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting cell_density to 1 configures the basic/mandatory rates to the 5.5 and 11 Mb/s DSSS rates where legacy_rates is 1. Supported rates lower than the minimum basic/mandatory rate are not offered. 2 - High Cell Density Setting the cell_density to 2 configures the basic/mandatory rates to the 12 and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting the cell_density to 2 configures the basic/mandatory rates to the 11 Mb/s DSSS rate where legacy_rates is 1. Supported rates lower than the minimum basic/mandatory rate are not offered. 3 - Very High Cell Density Setting the cell_density to 3 configures the basic/mandatory rates to the 24 Mb/s OFDM rate where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting the cell_density to 3 only has effect where legacy_rates is 0, else this has the same effect as being configured with a cell_density of 2. Where specified, the basic_rate and supported_rates options continue to override both the cell_density and legacy_rates options. Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
* umdns: update seccomp filter rulesDaniel Golle2020-11-272-1/+2
| | | | | | Add 'writev' syscall to list of allowed syscalls. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: fix "sh: out of range" errorsStijn Tintel2020-11-261-0/+7
| | | | | | | | | | | | | | Several variables in hostapd.sh can be used uninitialized in numerical comparisons, causing errors in logread: netifd: radio24 (1668): sh: out of range Set defaults for those variables to silence those errors. Fixes: b518f07d4b8a ("hostapd: remove ieee80211v option") Fixes: cc80cf53c50d ("hostapd: add FTM responder support") Fixes: e66bd0eb0469 ("hostapd: make rrm report independent of ieee80211k setting") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* lldpd: bump to 1.0.7Stijn Tintel2020-11-261-3/+3
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tcpdump: patch CVE-2020-8037Jan Pavlinec2020-11-252-1/+48
| | | | | | | | | This PR backports upstream fix for CVE-2020-8037. This fix is only relevant for tcpdump package, tcpdump-mini is not affeted by this issue. Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz> [added missing commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uqmi: set plmn only if necessaryMartin Schiller2020-11-242-8/+22
| | | | | | | | | | | | | | | | | Setting the plmn to '0' (auto) will implicitly lead to a (delayed) network re-registration, which could further lead to some timing related issues in the qmi proto handler. On the other hand, if you switch back from manual plmn selection to auto mode you have to set it to '0', because this setting is permanently "saved" in the wwan module. Conclusion: If plmn is configured, check if it's already set euqally in the module. If so, do nothing. Otherwise set it. Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: fix patch offsetLeon M. George2020-11-231-1/+1
| | | | | | | Fixes the offset of the patch added in 93bbd998aa696a ("hostapd: enter DFS state if no available channel is found"). Signed-off-by: Leon M. George <leon@georgemail.eu>
* netifd: update to the latest versionFelix Fietkau2020-11-231-3/+3
| | | | | | | 213748a9bcd9 system-linux: implement full device present state management for force-external devices 3abe1fc87151 system-linux: add retry for adding member devices to a bridge Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: enable the epoll-based event loopRui Salvaterra2020-11-238-8/+8
| | | | | | Hostapd supports epoll() since 2014. Let's enable it for better performance. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* uhttpd: update to git HEADDaniel Golle2020-11-231-4/+4
| | | | | | f53a639 ubus: fix uhttpd crash Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: update to git HEADDaniel Golle2020-11-221-4/+4
| | | | | | | 65796a6 nas: add --get-plmn 0a19b5b uqmi: add timeout parameter Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: set device-operating-mode to onlineFilip Moc2020-11-222-1/+4
| | | | | | | This is required for LTE module MR400 (in TL-MR6400 v4). Otherwise LTE module won't register to GSM network. Signed-off-by: Filip Moc <lede@moc6.cz>
* uqmi: add support for IPv4 autoconf from QMIFilip Moc2020-11-222-12/+39
| | | | | | | | | | | There already was an option for autoconfiguring IPv4 from QMI but this was removed by commit 3b9b963e6e08 ("uqmi: always use DHCP for IPv4"). DHCP does not work on MR400 LTE module (in TL-MR6400 v4) so let's readd support for IPv4 autoconf from QMI but this time allow to configure this for IPv4 and IPv6 independently and keep DHCP default on IPv4. Signed-off-by: Filip Moc <lede@moc6.cz>
* uqmi: wait forever registration if timeout set to 0Thomas Richard2020-11-221-2/+2
| | | | | | | | | | | Give possibility to wait forever the registration by setting timeout option to 0. No timeout can be useful if the interface starts whereas no network is available, because at the end of timeout the interface will be stopped and never restarted. Signed-off-by: Thomas Richard <thomas.richard@kontron.com>
* netifd: update to the latest versionFelix Fietkau2020-11-211-3/+3
| | | | | | | | | 351d690f1a09 wireless: fix passing bridge name for vlan hotplug pass-through c1c2728946b5 config: initialize bridge and bridge vlans before other devices 5e18d5b9ccb1 interface: do not force link-ext hotplug interfaces to present by default 4544f026bb09 bridge-vlan: add support for defining aliases for vlan ids Signed-off-by: Felix Fietkau <nbd@nbd.name>